By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Security researchers have advised users that a patch designed to address six serious security vulnerabilities in Microsoft 's Internet Explorer does not fix all the problems.

Security company GreyMagic Software stated that the patch, released on Thursday, only fixed version 6.0 of Internet Explorer. Users on version 5.0 and 5.5 were still exposed to potential hacking attacks

Another security expert, Thor Larholm, went further, suggesting that Microsoft had misunderstood the nature of the problem.

The patch was intended to correct a number of security issues in Internet Explorer 5.01, Internet Explorer 5.5 and Internet Explorer 6.0 including a fix that closed a vulnerability in one of Internet Explorer's local HTML (Hypertext Markup Language) resources.

According to Microsoft, the flaw could only be exploited when a user clicks on an HTML (Hyptertext Markup Language) link on a Web page or in an e-mail message.

But on his security Web site, Larholm claimed, "A successful attack requires that a user first click on a hyperlink. There is no way to automate an attack using this vulnerability."

He added that Microsoft appeared to have misunderstood a number of issues surrounding this vulnerability.

"Microsoft is aware of the issues and is investigating the reports," a Microsoft spokesman said. Microsoft maintained that the patch does what the company said, but it was also investigating the researchers' claims, the spokesman explained.

This is not the first time that a Microsoft patch has caused problems for users. Another IE patch, released in February, caused the browser to crash.

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy